LR pixel

Cisco AsyncOS Zero-day

What is the Attack? Cisco has confirmed the active exploitation of a critical zero-day vulnerability in AsyncOS, tracked as CVE-2025-20393, affecting Cisco Secure Email Gateway (SEG) and Secure Email and Web Manager (SEWM) appliances. The vulnerability allows...

EDR-Freeze Bypass Technique

What is the EDR‑Freeze? EDR‑Freeze is a proof‑of‑concept technique that leverages legitimate Windows Error Reporting (WER) components to suspend (place into a ‘frozen’ state) endpoint protection processes from user mode. Instead of exploiting drivers or kernel...

Oracle Identity Manager Pre-Auth RCE

What is the Vulnerability? CVE-2025-61757 is a critical pre-authentication remote code execution vulnerability in Oracle Identity Manager’s REST WebServices. This vulnerability allows an unauthenticated attacker to exploit URI and matrix parameter parsing weaknesses...